[musl] Re: Tweaking the program name for <err.h> functions
Andreas Schwab
schwab at suse.de
Mon Mar 11 15:09:43 UTC 2024
On Mär 11 2024, Skyler Ferrante (RIT Student) wrote:
> It seems like this is the main thing shadow-utils (and other projects)
> should be concerned about. Every setuid/setgid program should check
> for fd 0,1,2 being open at the start of execution, and either abort or
> open new fds to /dev/null to prevent file descriptor omission attacks.
That's what glibc already does.
--
Andreas Schwab, SUSE Labs, schwab at suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
More information about the libbsd
mailing list